Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions

by ; ;
  • ISBN13: 9780071494618
  • ISBN10: 0071494618

  • Edition: 1st
  • Format: Paperback
  • Copyright: 2008-01-07
  • Publisher: McGraw-Hill Education

Summary

Lock down next-generation Web services

"This book concisely identifies the types of attacks which are faced daily by Web 2.0 sites, and the authors give solid, practical advice on how to identify and mitigate these threats." --Max Kelly, CISSP, CIPP, CFCE, Senior Director of Security, Facebook

Protect your Web 2.0 architecture against the latest wave of cybercrime using expert tactics from Internet security professionals. Hacking Exposed Web 2.0 shows how hackers perform reconnaissance, choose their entry point, and attack Web 2.0-based services, and reveals detailed countermeasures and defense techniques. You'll learn how to avoid injection and buffer overflow attacks, fix browser and plug-in flaws, and secure AJAX, Flash, and XML-driven applications. Real-world case studies illustrate social networking site weaknesses, cross-site attack methods, migration vulnerabilities, and IE7 shortcomings.

Plug security holes in Web 2.0 implementations the proven Hacking Exposed way

  • Learn how hackers target and abuse vulnerable Web 2.0 applications, browsers, plug-ins, online databases, user inputs, and HTML forms
  • Prevent Web 2.0-based SQL, XPath, XQuery, LDAP, and command injection attacks
  • Circumvent XXE, directory traversal, and buffer overflow exploits
  • Learn XSS and Cross-Site Request Forgery methods attackers use to bypass browser security controls
  • Fix vulnerabilities in Outlook Express and Acrobat Reader add-ons
  • Use input validators and XML classes to reinforce ASP and .NET security
  • Eliminate unintentional exposures in ASP.NET AJAX (Atlas), Direct Web Remoting, Sajax, and GWT Web applications
  • Mitigate ActiveX security exposures using SiteLock, code signing, and secure controls
  • Find and fix Adobe Flash vulnerabilities and DNS rebinding attacks

Author Biography

Himanshu Dwivedi is a founding partner of iSEC Partners, LLC--a strategic digital security organization. He is the coauthor of Hacker's Challenge 3.

Alex Stamos is a founding partner of iSEC Partners, LLC. He is an experienced security professional and has been a featured speaker at top industry conferences.

Table of Contents

Foreword
Acknowledgments
Introduction
Attacking Web 2.0
Common Injection Attacks
Cross-Site Scripting
Next Generation Web Application Attacks
Cross-Domain Attacks
Malicious JavaScript and AJAX
.Net Security
AJAX
AJAX Types, Discovery, and Parameter Manipulation
AJAX Framework Exposures
Thick Clients
ActiveX Security
Attacking Flash Applications
Index
Table of Contents provided by Publisher. All Rights Reserved.
